Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Dataloss] VISA / 1ST BANK
From: lyger (lygerattrition.org)
Date: Fri Oct 20 2006 - 15:59:50 CDT
On Fri, 20 Oct 2006, George Toft wrote:
": " The new truth of the Digital Millennium: "Your personal information
": " expires when you do." ~Brian Honan / SANS
Tell that to all of the dead people who are registered to vote:
": " Until the lawmakers of Washington suffer ID Theft, nothing will change.
": " If I were an ID thief, I would definitely dump any high profile name
": " from my database - no need to spoil the party. And the party will
": " continue until some high profile politico gets burned.
But data loss <> ID theft. If data is lost or stolen regardless of an
actual theft of an identity or identities, said data has been
compromised even if no access can be proven. Things *can* change, but it
has to start with the actual protection of personal data and not wait
until the media starts screaming "IDENTITY THEFT" in the headlines.
": " I was in Home Depot this week at the customer service counter. A
": " customer was telling the clerk about someone running around with his
": " SSN. It is becomming commonplace (at least in Arizona).
": " George Toft, CISSP, MSIS
Out of curiousity, did he mention how it was compromised? Data breach of
a third party or did someone stole his wallet? Not much could probably
have been done about the latter, but the former needs to be addressed from
a data protection standpoint, not an "identity theft" one.
Lyger (look at all the quotes and footers i snipped, ma!)
Dataloss Mailing List (datalossattrition.org)
Tracking more than 137 million compromised records in 430 incidents over 6 years.